A new report by Huawei Technologies USA and Reuters calls for greater international collaboration around transparency and cyber accountability. "Just having requirements isn't good enough. There needs to be an ability to tell whether or not the requirements are being met," says CSO Andy Purdy.
"Garbage in, garbage out." That's a fundamental problem with traditional application security management, which lacks both context and automation. But Idan Plotnik, co-founder and CEO of Apiiro, proposes a new approach to application risk management.
Whether on-premises or in the cloud, secure backups are a necessity. Sam Nicholls and David Hill of Veeam Software discuss backups, the shared responsibility model and IAM considerations for enterprises during their cloud migrations.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the status of the recommendations of the Cyberspace Solarium Commission today and what still needs to be enacted by the current Congress, addressing the increasing challenge of cyberattacks...
We know they are coming, and yet we are still ill-prepared. Cybereason surveyed 1,200 global cybersecurity professionals on ransomware. And while most are concerned about attacks, nearly one-quarter have no contingencies for weekends and holidays - the favored strike time. Sam Curry explains why.
One of the effective ways to tackle AML fraud is to leverage technologies such as behavioral biometrics and device biometrics, says Charles Subrt, director of the fraud and AML practice at Aite-Novarica Group.
The specter of the May attack on Ireland's national health service loomed large at the IRISSCON 2021 cybercrime conference in Dublin, as cybersecurity experts gathered to detail the ongoing rise of ransomware and other types of online crime, as well as how to best combat such attacks.
Chipmaker Intel has issued a security advisory for two high-severity vulnerabilities in the BIOS reference code in Intel processors that may allow privilege escalation attacks. The vulnerabilities have a high CVSS v3 score of 8.2.
CISA this week issued playbooks for incident and vulnerability response, providing federal civilian agencies with a standard set of procedures to both respond to incidents and address vulnerabilities on government networks.
The network detection and response market is "relatively unchallenged at this point by other markets," and detection is the most important use case, says Nat Smith of Gartner, who shares key findings from the company's report titled Emerging Trends: Top Use Cases for Network Detection and Response.
Two recent hacking incidents - one involving ransomware and the other involving the exfiltration of sensitive data for hundreds of thousands of individuals - are among the latest examples of the serious cybersecurity threats and risks facing healthcare organizations and their patients' information.
Several key federal cybersecurity leaders in the U.S. on Wednesday outlined the Biden administration's approach to countering ransomware, which they called a national security issue. The leaders are backing incident reporting legislation and assessing Russia's progress in curbing attacks conducted within its borders.
The Emotet botnet, which was hampered by law enforcement actions earlier this year, is making a comeback. The resurgence appears to be due to help from old friends: cybercriminals running the Trickbot botnet. Unfortunatel,y the development may fuel more ransomware attacks.
The U.S. Department of Homeland Security on Monday launched a new personnel system that it says will enable the department to "more effectively recruit, develop, and retain cybersecurity professionals." Those recruited through the system will join the ranks of the DHS Cybersecurity Service, a federal team of cyber...
The U.S. and Israel will expand their diplomatic relationship around cybersecurity, announcing a bilateral task force this week that will support cybersecurity and fintech innovation. The news follows recent action by the U.S. Department of Commerce to blacklist Israeli spyware firm NSO Group.